<?php
//check session
session_start();
if (!isset($_SESSION['ID'])) {
	header ("Location: login.php");
	exit;
}

//connect to DB
//$dbConn = mysql_connect ('brak','onlinesupport','31E42RGbGCY');
$dbConn = mysql_connect ('192.168.0.3','onlinesupport','31E42RGbGCY');
mysql_select_db("onlinesupport");

//authorization functions
function authorize($desc) {
	// This function redirects to index page if user isnt authorized
	$query = mysql_query("select `value` from `helpdesk_permissions` where `name` = '{$desc}'");
	$permissions = mysql_fetch_array($query);
	$query = mysql_query("select `status` from helpdesk_users where `HD_user_ID` = '{$_SESSION["ID"]}'");
	$status = mysql_fetch_array($query);

	if (((int)$permissions['value'] & (int)$status['status']) == false) {
		header ("Location: index.php?error=true");
	}
}

function auth_check($desc) {
	$query = mysql_query("select `value` from helpdesk_permissions where `name` = '{$desc}'");
	$permissions = mysql_fetch_array($query);
	$query = mysql_query("select `status` from helpdesk_users where `HD_user_ID` = '{$_SESSION["ID"]}'");
	$status = mysql_fetch_array($query);
	
	return (boolean) ((int)$permissions['value'] & (int)$status['status']);
}

function auth_check_user($HD_user_ID, $desc) {
	$query = mysql_query("select `value` from helpdesk_permissions where `name` = '{$desc}'");
	$permissions = mysql_fetch_array($query);
	$query = mysql_query("select `status` from helpdesk_users where `HD_user_ID` = '{$HD_user_ID}'");
	$status = mysql_fetch_array($query);
	
	return (boolean) ((int)$permissions['value'] & (int)$status['status']);
}

//other functions
function reverseProbtype($id) {
	$result = mysql_query("select * from problem_type WHERE `PT_ID`='".$id."'");
	while ($row = mysql_fetch_array($result)) {
		return $row['PT_desc'];
	}
}
?>